Application Security Engineer (Remote)


SORAMITSU is an award-winning financial technology company delivering blockchain-based solutions that represent the next-generation of fintech and DeFi for enterprises, universities, and governments.

Established in Japan in 2016. Currently employing over 100 people across the globe with offices in Switzerland, Russia, Cambodia, Thailand, Japan, Niue and Dubai.

We have many widely recognized projects in both institutional and crypto, including BakongFearless WalletKAGOMEFUHON, and of course, our core contributions to Hyperledger IrohaSORA and Polkaswap.

SORAMITSU was recognized as the “Central Bank Digital Currency Partner of the Year 2020” by Central Banking.

You can familiarize yourself with our various activities by visiting our homepage at or check out our Twitter profile.

Our distributed team is spread across Europe, Asia, Middle East, North America and Oceania. We use Telegram for communication, Zoom for meetings, Google Workspace and Notion for collaboration, and Jira, Confluence and GitHub to facilitate agile development processes in general.

SORAMITSU CO., LTD. / Application Security Engineer (Remote)の求人情報

仕事内容【You will be responsible for】
- Helping us to follow Secure (Safe) Software Development Lifecycle
- Performing code review in accordance with SANS 25 and OWASP Top 10
- Performing Static Code Security Testing (SCST) and Continuous Penetration Testing (CPT);
- Working with various teams (and stacks of technologies) to make security audit of products codebase
- Identifying vulnerabilities
- Helping teams during design of new products/features from security perspective
- Threat Modelling
- Presenting to managers and consultants of the company
- Creating technical requirements and documentation
待遇【What we offer】
-An opportunity to be a part of an award-winning team designing a better world through decentralized technologies
-Flexible work schedule and relaxed work environment
-Permanent, full-time position with a growing international team of professionals
-Quarterly bonuses based on productivity
-Educational budget
-Possibility of relocation to Thailand or Dubai
-Possibility to visit global meetups and conferences for education and/or giving a speech
必須スキル・経験【You will need to know】
- Cryptography, blockchain technology and distributed systems
- Experience with discovering vulnerabilities at design/system level
- Knowledge of securing against common issues (including OWASP Top 10 and Mobile Top 10)
- Security assessment skills
- Capable of coding if required
- Experience with designing, implementing and maintaining application security tools and processes in Secure Software Development Lifecycle
- Experience working with one or more SAST, DAST tools
- Understanding of networks and web protocols
- Self-motivated to identify security problems and engage with teams to find solutions.
歓迎スキル・経験【Would be nice if you had】
- Understanding of AWS products
- CTF or bug bounty experience
- Experience with CI/CD tools and pipelines



東京都Link Square Shinjuku 16F, 5-27-5, Sendagaya, Shibuya-ku, Tokyo
企業概要financial technology company